Topic: change domain/disable email

[dwater]

Hi,

How can I change the domain of my SME server?

We have only recently obtained a public ip address (although it is dynamic), and so I would like to change the domain from the one we used while it was private [1], to the new one hosted at yi.org.

I would also like to disable the email function of SME server. I found some posts on disabling the email proxy and I've done that - is that enough? Can I easily turn off the email web interface and leave the other web pages on?

Can someone tell me how best to do this?

Thanks!

Max.

[1] we own the domain name, but we won't want to use it for this server.

[raem]

dwater

Log in as admin and run Configure this server

Install the services control contrib, disbable mail retrieval and mail transport
You probably won't receive admin emails anymore though.

Be careful what else you turn off as you may lock yourself out of server manager

[dwater]

dwater

Log in as admin and run Configure this server

Install the services control contrib, disbable mail retrieval and mail transport
You probably won't receive admin emails anymore though.

Be careful what else you turn off as you may lock yourself out of server manager

Hrm. Having thought about this some more and let the issue fester until it has become more urgent (isn't that the way it's supposed to work ), I think the real issue I am asking about is this :

The email for our domain is handled by an email ISP on the internet. On our internal network, the SME server is claiming it is handling the email for our domain. It is overriding the MX record for our domain. I would like to disable it from doing that.

I would like to still receive admin email messages though - so, I guess I still want email enabled, but for the SME host alone, not for the whole domain.

Does this make any sense?

Max.

[raem]

dwater

Get whoever controls your domain records to change the MX record to forward email for your domain to your ISP and point everything else at your sme server IP.

Your sme mail server will only work for local messages or outgoing messages depending on how you configure your server & email clients.

[dwater]

dwater

Get whoever controls your domain records to change the MX record to forward email for your domain to your ISP and point everything else at your sme server IP.

That's already done.

Your sme mail server will only work for local messages or outgoing messages depending on how you configure your server & email clients.

I don't think this is true. What if :

1) We have another email server on the intranet. How can that send to addresses in my domain? They will look up an MX record for my domain and the SME server will say it is the host.
2) Almost all smtp servers bounce messages from our intranet - perhaps because the ISP providing our internet connection is also used by many spammers/open relays, or admins have blindly blocked email originating from China.

I really think I need to stop SME advertising itself as the MX for our domain. Is this not possible?

Max.

[raem]

dwater

> Get whoever controls your domain records to change > the MX record to forward email for your domain to > your ISP and point everything else at your sme
> server IP.

>> That's already done.

>> I really think I need to stop SME advertising
>> itself as the MX for our domain. Is this not
>> possible?

I don't follow you now, how can the MX record already be pointing at your ISP and also pointing at your sme server ?

[dwater]

dwater

> Get whoever controls your domain records to change > the MX record to forward email for your domain to > your ISP and point everything else at your sme
> server IP.

>> That's already done.

>> I really think I need to stop SME advertising
>> itself as the MX for our domain. Is this not
>> possible?

I don't follow you now, how can the MX record already be pointing at your ISP and also pointing at your sme server ?

Hosts on the internet (eventually) use a DNS server on the internet to resolve the MX record. That DNS server is set to advertise another internet host as the MX record.
However, hosts on our intranet use our local SME server as a DNS server. It thinks it is the destination for mail and so sets the MX record to point to itself, effectively overriding the MX record setting on the internet.

Max.

[raem]

dwater

My understanding is that your domain name maintainer configures your records to (usually) point all requests for your domain (be it mail http, ftp etc) to your sme server public IP. The server (usually) handles all requests including mail.

You are asking for the mail to be handled by your ISP's mail server and are talking about changing the MX records to make it so. In that case you get the MX record configured by whoever hosts your domain records, to send mail to your ISP and send all other requests to your sme server.

Perhaps you really want this though.
If you want a different server to handle the mail part of those services, then it seems to me that you shouldn't be mucking with MX records but more simply set up the Delegate mail server in server manager Email panel and put your ISP's mail server IP in there. Read the manual.

But you also seem to be asking for email functionality on your local sme server. I assume you want to use the same main domain name for your sme servers domain name, and that then is a problem, you cannot have 2 mail servers acting for the same domain.

Can you be somewhat more explicit about what you are really trying to achieve here and give examples of what domain names you are using and where they are used.

[dwater]

Can you be somewhat more explicit about what you are really trying to achieve here and give examples of what domain names you are using and where they are used.

OK, since I don't seem to have explained the situation well enough.

Our domain is 'jingmei.org'.

We previously did not have a public IP address (we had a private/static), so I chose a sensible host and domain name.

The hostname of the SME server is 'truth.jingmei.org', and the overall domain is 'jingmei.org'.

We have since changed our internet connection ISP to one that gives us a public/dynamic IP address (like DSL, but it is a MAN), so I wanted to make use of that for testing. I set it up to update an A record on yi.org (actually, a few of them) - they are all subdomains of yi.org - eg jingmei.yi.org.

The A records for the 'real' jingmei.org domain are in the process of being manipulated to point at a 3rd party. They will handle web and email for the jingmei.org domain. So, http://www.jingmei.org/ will come from them, and email sent to anyone@jingmei.org will go to their server too.

Of course, this screws with the SME 'idea' that it is handling everything for it's domain.

Ideally, I would like to just change the domain to the 'yi'org' one. I'm not sure exactly what that would effect. The SMB 'domain' is different - it's "LDI" - so I don't need to change that (I suppose my reluctance to change the domainname comes from the difficulty in changing the SMB 'domain').

The immediate problem is just that I want to stop the DNS server on the SME server from advertising itself as handling the mail for jingmei.org.

It's name is truth.jingmei.org and I want it to still handle email for that domain - ie mail sent to/from anyone@truth.jingmei.org. Specifically, I would like it to forward root@jingmei.org (etc) to my own email address.

Does this make anything clearer?

Any recommendations? I know it's become a bit of a mess now, but it is still a live system which, on the whole, does actually work, so I would like to not risk breaking it.

Thanks.

Max.

[dwater]

Did any of that make sense?

Any further advice? How to stop SME's from providing an MX record for it's domain?

I tried delegating the domain in the server-manager, but it didn't make any difference to the MX record. The text alongside the form seems to suggest it is for internal mail servers, but I don't think that makes any difference - even if I set it to an internal address, the MX record doesn't change.

Max.

[raem]

dwater

I don't think your concept that the sme server provides the MX record for your domain is correct.
The MX record is configured by whoever hosts your domain records and that is external to your sme server. DNS and MX are different things, your sme server is a DNS server.

You say "I tried delegating the domain in the server-manager, but it didn't make any difference to the MX record."

Where are you expecting to see a change in the MX record ?

[raem]

dwater

http://www.google.com.au/search?hl=en&q=MX+records&meta=

[dwater]

dwater

I don't think your concept that the sme server provides the MX record for your domain is correct.

OK, though I think it is correct. As evidence, I log into the SME server and run :

$ dig -t mx jingmei.org

; <<>> DiG 9.2.1 <<>> -t mx jingmei.org
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 229
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;jingmei.org.                   IN      MX

;; ANSWER SECTION:
jingmei.org.            86400   IN      MX      0 truth.jingmei.org.

;; Query time: 25 msec
;; SERVER: 192.168.189.1#53(192.168.189.1)
;; WHEN: Wed Aug 10 12:38:09 2005
;; MSG SIZE  rcvd: 51

Which says it is providing the mail service for the jingmei.org domain. It's name is truth.jingmei.org, and it's private address is 192.168.189.1, which, of course, wouldn't do much good on the internet anyway.

The MX record is configured by whoever hosts your domain records and that is external to your sme server. DNS and MX are different things, your sme server is a DNS server.

OK, though I disagree. MX is part of DNS, as evidence I would supply :

http://www.dnsstuff.com/tools/lookup.ch?name=jingmei.org&type=MX

which says that, on the internet, it points to m1.dnsix.com (which is another problem), not 192.168.189.1 or truth.jingmei.org.

You say "I tried delegating the domain in the server-manager, but it didn't make any difference to the MX record."

Where are you expecting to see a change in the MX record ?

I'm not sure 'expecting' is the right word. "Hoping", perhaps.

Max.

[raem]

dwater

I'm a novice myself re DNS & MX records but.....
Did you read any of the search links I provided for you ?

>...Which says it is providing the mail service for the jingmei.org domain.

The MX record is different to the mail service. Of course your local sme server is providing the mail service for whatever domain it is configured to be (as long as the external MX record points to that server).

Yes the MX record is part of the external DNS record and bascially tells mail which mail server to go to.
So your above example says that mail sent to jingmei.org does in fact go to truth.jingmei.org

You seem to be saying that you don't want that and that is why I am saying you need to change the MX record to point to your ISP's mail server.
 

>....DNS and MX are different things, your sme
> server is a DNS server.

Depends whether we are talking about DNS servers or DNS records, obviously I meant DNS server while you meant record.

> I'm not sure 'expecting' is the right
> word. "Hoping", perhaps.

You still don't say where you are expecting to see a change, do you expect that by changing some setting on your sme server that the external MX record is going to change, if so that's not correct. You need to contact whoever hosts your DNS & MX records & get them to change it or do it online if you have an account/access.

If I have it wrong please correct me, as I said I'm a novice...

[dwater]

dwater

I'm a novice myself re DNS & MX records but.....
Did you read any of the search links I provided for you ?

yeah, well, I don't consider myself to be a novice on DNS or MX record. I'm not an expert, for sure, but I'm no novice. However, I looked at the first one google result, but it didn't seem to be telling me anything I didn't already know, so I didn't look at any of the others.

>...Which says it is providing the mail service for the jingmei.org domain.

The MX record is different to the mail service.

The MX record is telling everyone who asks where to deliver mail. Sure, it is different, but they are directly related.

Of course your local sme server is providing the mail service for whatever domain it is configured to be (as long as the external MX record points to that server).

Quite. It is this 'of course' that I am trying to stop.

Yes the MX record is part of the external DNS record and bascially tells mail which mail server to go to.
So your above example says that mail sent to jingmei.org does in fact go to truth.jingmei.org

You seem to be saying that you don't want that and that is why I am saying you need to change the MX record to point to your ISP's mail server.

Sure, but I am saying that this delegation thing isn't working, and that I would rather it didn't override the internet DNS setting and just forward the MX query to the next upstream server, like it does most other requests.

>....DNS and MX are different things, your sme
> server is a DNS server.

Depends whether we are talking about DNS servers or DNS records, obviously I meant DNS server while you meant record.

OK, fine, but MX is a DNS record. It's not an A record, but it is a record all the same.

> I'm not sure 'expecting' is the right
> word. "Hoping", perhaps.

You still don't say where you are expecting to see a change, do you expect that by changing some setting on your sme server that the external MX record is going to change, if so that's not correct.

Nope. I'm saying that the SME server is resolving the MX query itself. I want it to just forward the request to the next upstream DNS server which will, eventually, respond with the name given to the rest of the internet.

You need to contact whoever hosts your DNS & MX records & get them to change it or do it online if you have an account/access.

I do that already. I want the SME server to stop resolving the MX query itself and forward the request to an upstream DNS server. I don't mind it caching it, but I don't want it to think it knows 'best', which, of course, it thinks now, since it thinks it is hosting everything for that domain.

I sense an upcoming weekend being wasted experimenting with reconfiguring the server - can't do that while it's live, of course (

Max.

[raem]

dwater

What is the actual primary domain name you have used on your sme server when you configured it ?

[dwater]

dwater

What is the actual primary domain name you have used on your sme server when you configured it ?

jingmei.org

[raem]

dwater

Browsing to www.jingmei.org gives a 404 File not found error although I can ping www.jingmei.org successfully

Does that make sense in your current configuration, you mentioned earlier that the external DNS record is still being configured so it obviously does not point to your sme server as yet for http requests.

www.jingmeil.yi.org does resolve to your (I assume) server OK.


PING www.jingmei.org (220.194.62.28) from xxx.xxx.xxx.xxx : 56(84) bytes of data.
64 bytes from 220.194.62.28: icmp_seq=1 ttl=106 time=307 ms


If your sme server primary domain is www.jingmei.org, then I think what I said earlier still applies, you can't have 2 servers with the same domain name ie your ISP host and your own sme server. You should rename your sme server with a different domain, and then it will not be receiving & delivering email for jingmei.org.

Have you also looked at the Hostnames & addresses panel, you can configure different functionality there for various types of requests.

[dwater]

dwater

Browsing to www.jingmei.org gives a 404 File not found error although I can ping www.jingmei.org successfully

Does that make sense in your current configuration, you mentioned earlier that the external DNS record is still being configured so it obviously does not point to your sme server as yet for http requests.

It's a typo in the DNS record. It should end in 128, not just 128. The MX record points who knows where and needs changing too. This is a separate problem.

www.jingmeil.yi.org does resolve to your (I assume) server OK.

Really? Apart from your typo, I haven't set up a 'www.jingmei.yi.org' - actually, they don't allow sub-subdomains on yi.org, IIRC (maybe if you pay). jingmei.yi.org resolves though. I use it for testing.

If your sme server primary domain is www.jingmei.org,

Nope. It's jingmei.org, not www.jingmei.org. The latter domain is/shouldBe/willBe 220.194.62.128.

then I think what I said earlier still applies, you can't have 2 servers with the same domain name ie your ISP host and your own sme server. You should rename your sme server with a different domain, and then it will not be receiving & delivering email for jingmei.org.

Well, there may be some truth to this. However, this is not a mail problem - it is a DNS problem. I want the DNS server on truth.jingmei.org/jingmei.yi.org to stop thinking it is handling mail for jingmei.org, and only handling email for itself (truth.jingmei.org/jingmei.yi.org).

I don't see how to stop it from thinking it basically provides every service for the whole domain. I notice someone else mentioned the services-control contrib, but that seems to have disappeared.

Have you also looked at the Hostnames & addresses panel, you can configure different functionality there for various types of requests.

I have, and it looks to me like you can only configure A records (or possibly CNAME), not MX records, and it doesn't have an option for the whole domain. I'm not sure where that setting it stored. It's not in /etc/hosts either. I see that jingmei.org is listed in the 'manage domains' panel, but there's no 'remove' option by it, like there is for other domains I can add. 'Modify' doesn't reveal anything useful.

I have this in the email panel :

Code: [Select]

The Your server includes a complete, full-featured e-mail server. However, if for some
   reason you wish to delegate e-mail processing to another system, specify the IP address
   of the delegate system here. For normal operation, leave this field blank.
   Address of internal mail server 220.194.62.128______

I'm rapidly thinking that SME server isn't designed to be the sort of host it would be if I could manipulate the DNS easily and I should just change the primary domain from the configure script.

Hrm. I've just found the /var/service/tinydns/root/data file. Looks like it contains the data for the MX record :

Code: [Select]

# MX Records
@jingmei.org::truth.jingmei.org

I'll bet if I delete it (using /etc/e-smith/templates-custom, as it says), it'll do what I want. Then, even if it is still running an email server, no one will know and so no one will try to deliver message to it.

I guess I have to decide if I want to make a temporary, but less 'dangerous', change to the tinydns config, or go the whole hog and switch domains completely.

Hrm. Thanks.

Max.

[raem]

dwater

> jingmei.yi.org resolves though....for testing.

Sorry I meant to say http://jingmei.org


>  I see that jingmei.org is listed in the 'manage
> domains' panel, but there's no 'remove' option

That's because it is the Primary domain not a virtual domain. You can only change the Primary domain by logging in as admin and running Configure this server


> I have this in the email panel.....
> For normal operation, leave this field blank.
>   Address of internal mail server 220.194.62.128

Why do you have an entry there, that's only if you want a different server to manage your mail (which I thought you wanted earlier but not anymore).
I think you should remove that and leave it blank, as suggested for normal operation... or is that meant to be the IP of the server that you want to handle all mail.

That IP (http://220.194.62.128) resolves, to a chinese (?) web page that I cannot read. Is that correct, who's server is that ?


> I guess I have to decide if I want to make a
> temporary, but less 'dangerous', change to the tinydns config, or go the whole hog and switch domains completely.

I would have thought changing the domain name of your server, perhaps to jingmei.yi.org, is easy (all done in 10 minutes) & less dangerous than fiddling with config files.

[dwater]

>  I see that jingmei.org is listed in the 'manage
> domains' panel, but there's no 'remove' option

That's because it is the Primary domain not a virtual domain. You can only change the Primary domain by logging in as admin and running Configure this server

Indeed, that seems to be the way. It's kind of all or nothing.

> I have this in the email panel.....
> For normal operation, leave this field blank.
>   Address of internal mail server 220.194.62.128

Why do you have an entry there, that's only if you want a different server to manage your mail (which I thought you wanted earlier but not anymore).

I want email for jingmei.org to be handled by another server. That's the whole point. ...but I want it to handle email for it's own local domain - ie truth.jingmei.org. I don't even care if it wants to handle mail for jingmei.org, so long as it doesn't tell anybody (ie doesn't publish an MX record).

I think you should remove that and leave it blank, as suggested for normal operation... or is that meant to be the IP of the server that you want to handle all mail.

It actually *is* the server I want to handle mail, but not *all* mail.

That IP (http://220.194.62.128) resolves, to a chinese (?) web page that I cannot read. Is that correct, who's server is that ?

That is correct. It is the host for our domain's httpd and smtpd. I guess it has pop3/imap too, though I'm not sure about that.

> I guess I have to decide if I want to make a
> temporary, but less 'dangerous', change to the tinydns config, or go the whole hog and switch domains completely.

I would have thought changing the domain name of your server, perhaps to jingmei.yi.org, is easy (all done in 10 minutes) & less dangerous than fiddling with config files.

Well, perhaps it is, and that is useful to know for sure. How about side effects of changing the domain name? I know we couldn't do it on a W2K server without serious hassles (esp. since I don't have a clue about any Microsoft - nor do I desire to have a clue about anything Microsoft). Perhaps there are other things on the network that depends on being in the jingmei.org domain and changing it stops them from working (pure speculation, of course, though based on having had to set it all up myself).

I think that it would be less dangerous changing the system in just a single small way (removing a small entry in the DNS) rather than changing the whole system (changing the primary domain will effect many different parts and who knows which parts).

It seems to me that removing the MX record from the DNS is the simplest and least likely change to effect anything.

Max.

[raem]

dwater

> How about side effects of changing the domain name?

Well as far as the server functionality is concerned I think it is OK to change as the changes will flow through the (base) system. I have done it on lightly configured systems without any difficulties other than needing to change/setup external DNS records.

If you have other apps installed with config files that include the primary domain name, then they may need to be changed also.
I don't know what else you have installed so only you will know the extent of that issue.


> It seems to me that removing the MX record from
> the DNS is the simplest and least likely change to > effect anything.

Try it then and tell us how it goes.

[dmac]

I have been following the discussion here and am a bit confused.

Are you trying to have the SME server serve up the domain truth.jingmei.org or jingmei.org?

If you want the truth.jinjmei.org, access the admin configuration from the local terminal and change the domain name to match.  (I.E. truth.jingmei.org)

Not 100% sure but you could also change the SME server to be a Private-Server/Gateway, this should prevent any broadcasting of DNS records on the internet.

Also, what version are you running?  If you have 6.01, find the update script http://no.longer.valid/phpwiki/index.php/SME6.0.1Contribs .  this should update your system and add the Services panel.  

<edit> May not, I have installed with 6.01-01, the custom build of SME Server 6.01, this may have already had the Services panel. </edit>

Darin MacLachlan

[CharlieBrady]

Not 100% sure but you could also change the SME server to be a Private-Server/Gateway, this should prevent any broadcasting of DNS records on the internet.

Except for customers of Mitel's ServiceLink, there is no publication of DNS records on the Internet. The DNS configuration of the smeserver is only visible on the LAN.